Currently the eventlogs on our Win2k SP4 server has a number of security logs in the middle of the night and they are referenceing eventID 676 with the info below.
Authentication Ticket Request Failed:
User Name: barbara
Supplied Realm Name: FNBHAYS.COM
Service Name: krbtgt/FNBHAYS.COM
Ticket Options: 0x40810010
Failure Code: 0x12
Client Address: 172.16.1.210
The usernames vary and sometimes are blank. Logins are disable from 7pm to 7am and there is nobody present on-site etc.
Any insight would be appreciated on what may be happening